General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Overlapping entry in custom url lists

I have 2 custom url categories. One as whitelist and other as blacklist. I am in the situation where I have *.youtube.com in allow list and needed to block tv.youtube.com

I added tv.youtube.com to blocklist but the firewall is still taking *.youtube.c

...

Resolved! How to allow GRE protocol 47 through Palo Alto FW?

Dear Friends, 

I'd be grateful if you could help me with this ...

 

I'd like to allow GRE traffic (protocol 47) through my Palo Alto FW. I want to allow all the GRE traffic through and not terminate a GRE tunnel on the PA itself. Appologies if this is s

...

Jedi_D by L2 Linker
  • 5758 Views
  • 3 replies
  • 0 Likes

Firewall with Vsys in Panorama

Hello

 

We are managing a several firewalls with single vsys with our M500 Panorama.

 

Now we will be adding a new PA Firewall with multiple context to panorama.

 

So the question is: What is recommended

 

1. Should we first add the firewall in panorama and

...

Data centre backup solutions which support PANOS8

What Data Centre backup solutions support PAN devices (both panorama and firewalls)?

Backbox seems to be a preferred PAN partner - http://hemispheretechnologies.com.au/cms/wp-content/uploads/2017/01/PaloAltoNetwork_BBX-Solution-Brief_2017.pdf

Are there

...

DDyall by L0 Member
  • 3253 Views
  • 6 replies
  • 0 Likes

Resolved! Global Protect pangps log messages - What to watch for

Our company just finished a rollout of the Global Protect client to all of our locations.  Now we are getting occasional complaints about disconnects/reconnect and other assorted odd behaviour.  Much of this is just users looking for something to bla

...

BeejCyr by L1 Bithead
  • 4587 Views
  • 1 replies
  • 0 Likes

Resolved! Configuration and Management (EDU-110) > Lab question

Hello, I am starting with this training "Firewall 8.0 Essentials: Configuration and Management (EDU-110)" and on page 12  it states:

 

1. Launch a browser and connect to https://192.168.1.254

 

Is there any other way to access this lab? or any lab enviro

...

perezk by L1 Bithead
  • 3127 Views
  • 4 replies
  • 0 Likes

Resolved! ProxyARP default setting

Hi Team,

               Is ProxyARP is enabled by default. Can we disable or enable this feature in PA??

 

with regards,

Ram

Resolved! Deployment job update licenses

Just curious, I noticed that at 01:17 my panorama connects to updates.paloaltonetworks.com then completes a "Deployment job update licenses" job for each of my firewalls.  This isn't anything to do with the sceduled dynamic updates as the timings are

...

djr by L4 Transporter
  • 5538 Views
  • 2 replies
  • 0 Likes

Resolved! Cryptocurrency Mining?

Hi folks,

 

We recently had a pen test and had positive results.  We do not use URL filtering, but have everything else.

However, on 12/24/2017 we can now see a reboot.txt file sitting in our Windows\temp directory on an Oracle OAM server.

Luckly, Carbon

...

OMatlock by L4 Transporter
  • 5196 Views
  • 16 replies
  • 0 Likes

Resolved! Exempt alerting for specific threat

We have an open wifi network and do see lot of coinhive spyware threat alerts. Recently a user genrated in excess 30000 email alerts for CoinHive JavaScript Detection. We don't want to block the user and also the external IP is not single one. Firewa

...

raji_toor by L4 Transporter
  • 3802 Views
  • 5 replies
  • 0 Likes

External up but, internal Outage, Migrating Users

Hi,

 

I am looking to explore options that in a situation when the External Edge may be "up" but, the internal resources have failed. For example, a core switch has crashed but, the firewalls and internet routers are still online. Users will connect to

...

nicford by L2 Linker
  • 1989 Views
  • 3 replies
  • 0 Likes

Resolved! Filtering Azure IP ranges based on a subset of regions?

I'm attempting to filter the azure.cloudIPs miner based on a subset of specific regions. I've customized IPv4 aggregators to specify individual regions (as shown below), and this works correctly. However what would the syntax be to filter on multiple

...

mpetzold by L0 Member
  • 4728 Views
  • 2 replies
  • 0 Likes

Tag Unused Rules

How to tag all unused security policies. I'm faimilar with the "highlight unused" and > show running rule-use rule-base security type unused vsys vsys1 command.

 

Is there a way I can then easily tag all my rules used say older than 90 days? 

nicford by L2 Linker
  • 6640 Views
  • 10 replies
  • 1 Likes
  • 24008 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Liked Authors
Labels